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I. REAL PARTY IN INTEREST 

The real party in interest is Encentuate P.T.E. L.T.D. of Singapore, Singapore. 
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II. RELATED APPEALS. INTERFERENCES. AND JUDICIAL PROCEEDINGS 

Appellant is not aware of other appeals, interferences, or judicial proceedings which 
would have a bearing on the Board's decision in this appeal. 
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III. STATUS OF CLAIMS 

The application was initially filed with 15 claims. Claims 16-20 were added in the 
amendment and response to the Office Action filed on December 21 , 2006. 

Claims 1-20 are pending in this application. Claims 1, 5, 7, 8, 11, 15, 18, and 19 
stand rejected under 35 U.S.C. § 101 for double patenting. Claims 1, 3, 6, 11, 13, 15-17 
stand rejected under 35 U.S.C. § 102(e), and claims 2, 4, 5, 7-10, 12, 14, and 18-20 stand 
rejected under 35 U.S.C. § 103(a). 

Claims 1-20 are the subject of the present appeal. The text of these claims is set 
forth below in the Claims Appendix. 
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IV. STATUS OF AMENDMENTS 

No amendments have been filed subsequent to a Final Office Action dated April 6, 

2007. 
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V. SUMMARY OF CLAIMED SUBJECT MATTER 

A. Overview of the Invention and Prior Art 
1. The Invention 

Applicant's invention relates to a method and apparatus for providing to a system 
administrator a view of the plurality of applications accessible by a user. The applications 
are identified by examining an authentication credential container of the user. 

In specific embodiments, the present invention identifies the totality of applications 
accessible by the user by examining authentication credential container of the user 
[Specification, 19:16-19], generates a view of the totality of applications accessible by the 
user [Specification, 19:18-21] and displays the view to the administrator [Specification, 
19:20-21]. 

In one embodiment, the present invention discloses an apparatus comprising an 
identifier module to identify the totality of applications accessible by the user by examining 
authentication credential container of the user [Specification, 19:16-19], a view generator 
to generate a view of the totality of applications accessible by the user [Specification, 
19:18-21], and a view displayer to display the view of the totality of applications accessible 
by the user to the administrator [Specification, 19:20 - 20:1] 

B. Independent Claims on Appeal 

The rejected independent claims are directed to various methods and apparatus for 
providing a system administrator with a view of a totality of applications accessible by a 
user. The independent claims are described as follows: 

1. Claim 1 

Claim 1 is directed toward a method. The method identifies the totality of 
applications accessible by the user by examining authentication credential container of the 
user. [Specification, 19:16-19] The method further generates a view of the totality of 
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applications accessible by the user and displays the view to the administrator. 
[Specification, 19:18:21] 

2. Claim 11 

Claim 11 is directed toward an apparatus. The apparatus includes an identifier 
module to identify the totality of applications accessible by the user by examining 
authentication credential container of the user. [Specification, 19:16-19] The apparatus 
further includes a view generator to generate a view of the totality of applications 
accessible by the user and a view displayer to display the view of the totality of 
applications accessible by the user to the administrator. [Specification, 19:18:21] 

3. Claim 15 

Claim 15 is directed toward an apparatus. The apparatus includes means for 
identifying the totality of applications accessible by the user by examining authentication 
credential container of the user. [Specification, 19:16-19] The apparatus further includes 
means for generating a view of the totality of applications accessible by the user and 
means for displaying the view of the totality of applications accessible by the user to the 
administrator. [Specification, 19:18:21] 

4. Claim 16 

Claim 16 is directed toward a method. The method identifies the totality of 
applications accessible by the user by examining an authentication credential container of 
the user. [Specification, 19:16-19] The method further generates a list of the totality of 
applications accessible by the user and displays the list to the administrator. 
[Specification, 19:18:23] 

5. Claim 17 

Claim 17 is directed toward a method. The method identifies the totality of 
applications accessible by the user and any user names and passwords used in 
connection with the totality of applications by examining an authentication credential 
container of the user. [Specification, 19:6-19] The method further generates a list of the 
totality of applications accessible by the user together with any user names and passwords 



59995-8002.US01/LEGAL1 3665643.1 



-6- 



Application No.: 10/617,607 



Docket No.: 59995.8002.US01 



used in connection with the totality of applications and displays the list to the administrator. 
[Specification, 19:6-21] 

6. Claim 18 

Claim 18 is directed toward a method. The method identifies the totality of 
applications accessible by the user by examining authentication credential container of the 
user. [Specification, 19:16-19] The method further generates a directory of the totality of 
applications accessible by the user and displays the directory to the administrator. 
[Specification, 19:18:23] 

The directory comprises a name of the user, a list of keys employed by the user 
also detailing the type and serial number of each key, a profile of the user detailing a role 
of the user, a name of the user, an email address of the user, a department of the user, an 
employee ID of the user, and any additional attributes of the user that have been specified, 
a means of updating and resetting the profile, a list of all certificate-enabled applications 
accessible by the user also specifying a user name of the user and a last login attempt of 
the user, a means of deleting the user name of the user, a list of all enterprise applications 
accessible by the user also specifying a user name of the user and a last login attempt of 
the user; and a list of all personal application accessible by the user also specifying a 
number of accounts connected to each personal application. [FIG. 7 and 19:21 - 20:1] 

C. Claims on Appeal Which Include Means-Plus-Function Language 
1. Claim 15 

Claim 15 is directed toward an apparatus. The apparatus includes means for 
identifying the totality of applications accessible by the user by examining authentication 
credential container of the user [Specification, 19:16-19]. The apparatus further includes 
means for generating a view of the totality of applications accessible by the user and 
means for displaying the view of the totality of applications accessible by the user to the 
administrator. [Specification, 19:18:21] 
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2. Claim 18 

Claim 18 is directed toward a method. The method identifies the totality of 
applications accessible by the user by examining authentication credential container of the 
user. [Specification, 19:16-19] The method further generates a directory of the totality of 
applications accessible by the user and displays the directory to the administrator. 
[Specification, 19:18:23] 

The directory comprises a name of the user, a list of keys employed by the user 
also detailing the type and serial number of each key, a profile of the user detailing a role 
of the user, a name of the user, an email address of the user, a department of the user, an 
employee ID of the user, and any additional attributes of the user that have been specified, 
a means of updating and resetting the profile, a list of all certificate-enabled applications 
accessible by the user also specifying a user name of the user and a last login attempt of 
the user, a means of deleting the user name of the user, a list of all enterprise applications 
accessible by the user also specifying a user name of the user and a last login attempt of 
the user; and a list of all personal application accessible by the user also specifying a 
number of accounts connected to each personal application. [FIG. 7 and 19:21 -20:1] 

3. Claim 20 

Claim 20 is dependent upon claim 18. The consolidated directory includes means 
for a system administrator to add one or more applications to the lists of the certificate- 
enabled applications, the enterprise applications, or the personal applications of the user. 
[FIG. 7 and 20:14:19] The consolidated directory further includes means for a system 
administrator to delete one or more applications from the lists of the certificate-enabled 
applications, the enterprise applications, or the personal applications. [FIG. 7 and 20:7-13] 



59995-8002.US01/LEGAL13665643.1 



-8- 



Application No.: 10/617,607 



Docket No.: 59995.8002.US01 



VI. GROUNDS OF REJECTION TO BE REVIEWED ON APPEAL 
A. The Issues on Appeal 

The issues on appeal and the specific pending claims to which each relates are: 

1 . Whether under 35 U.S.C. § 1 01 claims 1, 5, 7, 8, 11. 15, 18. and 19 claim 
the same invention as that of claims 32, 33, 36, and 37 of U.S. Patent Application No. 
10/383419 and are thus subject to a double patenting rejection. 

2. Whether under 35 U.S.C. § 102(e) claims 1, 3, 6, 11, 13, 15, 16, and 17 
are anticipated by U.S. Patent Application Publication No. 2003/0163513 ("Schaeck"). 

3. Whether under 35 U.S.C. §1 03(a) claims 2, 4, 5, 7-10, 12, 14, and 18-20 
are obvious over Schaeck in view of U.S. Patent Application Publication No. 2002/0138763 
("Delany"). 
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VII. ARGUMENTS 

A. Double Patenting 

Double patenting is defined in M.P.E.P. § 804. As stated in M.P.E.P. § 804, Section 
II (Requirements of a Double Patenting Rejection (including Provisional Rejections)) in the 
context of a statutory double patenting rejection, "same invention" means an invention 
drawn to identical subject matter, citing Miller v. Eagle Mfg. Co. 151 U.S. 186 (1894); In re 
Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA, 1970); and In re Ockert, 245 F.2d 467, 114 
USPQ 330 (CCPA, 1957). Section II.A further states that the test for determining whether 
statutory basis for a double patenting rejection exists is whether "the same invention is 
being claimed twice." A reliable test is whether a claim in the application could be literally 
infringed without literally infringing a corresponding claim in the patent, and vice versa. "Is 
there an embodiment of the invention that falls within the scope of one claim, but not the 
other? If there is such an embodiment, then identical subject matter is not defined by both 
claims and statutory double patenting would not exist." 

Under this test, claims 1, 5, 7, 8, 11, 15, 18, and 19 of the Appellant's invention do 
not claim the same invention as that of claims 32, 33, 36, and 37 of U.S. Patent Application 
No. 10/383419. The Examiner has not shown that the same invention is being claimed 
twice. Therefore, the rejection of the claims should be reversed. 

1. The Rejection of Claims 1 . 5. 7. 8. 1 1 . 1 5. 1 8. and 1 9 as claiming the 
same invention as that of claims 32. 33. 36. and 37 of U.S. Patent 
Application No. 10/383419 is Improper. 

Claims 32 and 33 of U.S. Patent Application No. 10/383419 are dependent claims. 
They are dependent on independent claim 29 which recites the limitations "collecting 
authentication credentials for a plurality of applications accessed by a user" and "playing 
back the authentication credentials for the plurality of applications upon subsequent user 
accesses." Moreover, claim 32 contains the limitation "the credential container is a 
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hardware token, and claim 33 contains the limitation "the credential container is a 
database." 

Claim 36 is an independent claim, and claim 37 depends upon claim 36. 
Independent claim 36 recites the limitations "storing authentication credentials for a 
plurality of applications accessed by a user" and "removing access privileges to at least 
one application of the plurality of applications." Claim 37 recites the limitation 
"authentication credentials are stored on a server." 

a. Claims 1 , 5, 7, and 8 
Claim 1 includes the language: 

identifying the totality of applications accessible by the user by examining 

authentication credential container of the user; and 

generating a view of the totality of applications accessible by the user. 

One distinction between independent claim 1 of the present application and claims 32 and 
33 of U.S. Patent Application No. 10/383419 is that claim 1 does not contain the limitations 
that the credential container is a "hardware token" or a "database." Thus, an embodiment 
of claim 1 of the present application can be constructed to provide a credential container 
different than provided for by claims 32 and 33. 

Distinctions between independent claim 1 of the present application and claims 36 
and 37 of U.S. Patent Application No. 10/383419 are that claim 1 does not provide for 
"storing authentication credentials for a plurality of applications accessed by a user" or 
"removing access privileges to at least one application of the plurality of applications." 
Rather, claim 1 identifies the totality of applications accessible of the user by examining 
authentication credential container of the user and then generating a view of the 
applications, rather than storing credentials or removing access privileges. Thus, claim 1 
of the present application is not the same invention as claimed in claims 36 and 37 of U.S. 
Patent Application No. 10/383419. 

Claims 5, 7, and 8 of the present application are dependent upon the independent 
claim 1 . Claim 5 has the limitation that "the authentication credential container is stored at 



59995-8002. US01/LEGAL 1 3665643. 1 



-11- 



Application No.: 10/617,607 



Docket No.: 59995.8002.US01 



a server." While this limitation is recited in claim 37 of U.S. Patent Application No. 
10/383419, claim 5 includes the limitations of claim 1 of the present application, and as 
discussed above, claim 1 is not the same invention as claimed in claims 36 and 37 of U.S. 
Patent Application No. 10/383419. 

Claim 7 has the limitation that "the creating the user account is performed 
automatically." This limitation is not recited in claims 32, 33, 36, or 37 U.S. Patent 
Application No. 10/383419. 

Claim 8 has the limitation "the creating the user account is performed manually by 
an administrator." This limitation is not recited in claims 32, 33, 36, or 37 U.S. Patent 
Application No. 10/383419. Accordingly, the rejection of claims 1, 5, 7, and 8 of the 
present application under 35 U.S.C. § 101 for double patenting should be withdrawn. 

b. Claim 11 
Claim 1 1 includes the language: 

an identifier module to identify the totality of applications accessible by the 
user by examining authentication credential container of the user; and 
a view generator to generate a view of the totality of applications accessible 
by the user. 

One distinction between independent claim 1 1 of the present application and claims 
32 and 33 of U.S. Patent Application No. 10/383419 is that claim 1 1 does not contain the 
limitations that the credential container is a "hardware token" or a "database." Thus, an 
embodiment of claim 11 of the present application can be constructed to provide a 
credential container different than provided for by claims 32 and 33. 

Distinctions between independent claim 1 1 of the present application and claims 36 
and 37 of U.S. Patent Application No. 10/383419 are that claim 11 does not provide for 
"storing authentication credentials for a plurality of applications accessed by a user" or 
"removing access privileges to at least one application of the plurality of applications." 
Rather, claim 1 1 identifies the totality of applications accessible by the user by examining 
authentication credential container of the user and generating a view of the applications. 
Thus, claim 11 of the present application is not the same invention as claimed in claims 36 
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and 37 of U.S. Patent Application No. 10/383419. Accordingly, the rejection of claim 1 1 of 
the present application under 35 U.S.C. § 101 for double patenting should be withdrawn. 

c. Claim 15 
Claim 15 includes the language: 

means for identifying the totality of applications accessible by the user by 

examining authentication credential container of the user; and 

means for generating a view of the totality of applications accessible by the 

user. 

One distinction between independent claim 15 of the present application and claims 
32 and 33 of U.S. Patent Application No. 10/383419 is that claim 15 does not contain the 
limitations that the credential container is a "hardware token" or a "database." Thus, an 
embodiment of claim 15 of the present application can be constructed to provide a 
credential container different than provided for by claims 32 and 33. 

Distinctions between independent claim 15 of the present application and claims 36 
and 37 of U.S. Patent Application No. 10/383419 are that claim 15 does not provide for 
"storing authentication credentials for a plurality of applications accessed by a user" or 
"removing access privileges to at least one application of the plurality of applications." 
Rather, claim 15 includes a means for identifying the totality of applications accessible of 
the user by examining authentication credential container of the user and means for 
generating a view thereof. Thus, claim 15 of the present application is not the same 
invention as claimed in claims 36 and 37 of U.S. Patent Application No. 10/383419. 
Accordingly, the rejection of claim 15 of the present application under 35 U.S.C. § 101 for 
double patenting should be withdrawn. 

d. Claim 18 
Claim 18 includes the language: 

identifying the totality of applications accessible by the user by examining 
authentication credential container of the user; 

generating a directory of the totality of applications accessible by the user; 
and 
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One distinction between independent claim 18 of the present application and claims 
32 and 33 of U.S. Patent Application No. 10/383419 is that claim 18 does not contain the 
limitations that the credential container is a "hardware token" or a "database." Thus, an 
embodiment of claim 18 of the present application can be constructed to provide a 
credential container different than provided for by claims 32 and 33. 

Distinctions between independent claim 18 of the present application and claims 36 
and 37 of U.S. Patent Application No. 10/383419 are that claim 18 does not provide for 
"storing authentication credentials for a plurality of applications accessed by a user" or 
"removing access privileges to at least one application of the plurality of applications." 
Rather, claim 18 identifies the totality of applications accessible of the user by examining 
authentication credential container of the user and generating a directory thereof. Thus, 
claim 18 of the present application is not the same invention as claimed in claims 36 and 
37 of U.S. Patent Application No. 10/383419. Accordingly, the rejection of claim 18 of the 
present application under 35 U.S.C. § 101 for double patenting should be withdrawn. 

e. Claim 19 

Claim 19 is dependent upon the independent claim 18 and also includes the 
language: 

a specification of a password for each certificate-enabled application, each 
enterprise application, and each personal application. 

One distinction between independent claim 19 of the present application and claims 
32 and 33 of U.S. Patent Application No. 10/383419 is that claim 19 does not contain the 
limitations that the credential container is a "hardware token" or a "database." Thus, an 
embodiment of claim 19 of the present application can be constructed to provide a 
credential container different than provided for by claims 32 and 33. 

Distinctions between independent claim 19 of the present application and claims 36 
and 37 of U.S. Patent Application No. 10/383419 are that claim 19 does not provide for 
"storing authentication credentials for a plurality of applications accessed by a user" or 
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"removing access privileges to at least one application of the plurality of applications." 
Rather, claim 19 identifies the totality of applications accessible of the user by examining 
authentication credential container of the user, generating a view thereof, and includes a 
specification of a password for each certificate-enabled application, each enterprise 
application, and each personal application in the directory. Thus, claim 19 of the present 
application is not the same invention as claimed in claims 36 and 37 of U.S. Patent 
Application No. 10/383419. Accordingly, the rejection of claim 19 of the present 
application under 35 U.S.C. § 101 for double patenting should be withdrawn. 

Because none of claims 1, 5, 7, 8, 11, 15, 18, or 19 of the present application are 
coextensive in scope with claims 32, 33, 36, and 37 of U.S. Patent Application No. 
10/383419, withdrawal of the double patenting rejection is respectfully requested. 

B. Legal Standards for Anticipation 

The Examiner has rejected appealed claims 1, 3, 6, 11, 13, and 15-17 as being 
anticipated under 35 U.S.C. § 102(e), which provides that: 

A person shall be entitled to a patent unless — 

(e) the invention was described in - (1) an application for patent, 
published under section 122(b), by another filed in the United States 
before the invention by the applicant for patent or (2) a patent granted 
on an application for patent by another filed in the United States 
before the invention by the applicant for patent. 

To anticipate a claim, each claim element must be identical to a corresponding element in 
the applied reference. Glaverbel Societe Anonvme v. Northlake Mktq. & Supply. Inc. . 45 
F.3d 1550, 1554 (Fed. Cir. 1995). Indeed, the failure to mention "a claimed element (in) a 
prior art reference is enough to negate anticipation by that reference." Atlas Powder Co. v. 
E.I, du Pont De Nemours & Co. , 750 F.2d 1569, 1574 (Fed. Cir. 1984). To establish a 
prima facie case of anticipation, the Examiner must identify where "each and every facet of 
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the claimed invention is disclosed in the applied reference." Ex parte Lew . 17 U.S.P.Q.2d 
1461, 1462 (Bd. Pat. App. & Interf. 1990). 

Under these standards, Appellant's invention is not anticipated by Schaeck. The 
Examiner has not identified a prior art reference that identically discloses all the elements 
of the appealed claims. Moreover, in rejecting some of the claims, the Examiner has not 
even asserted that Schaeck discloses certain features of those claims and thus has not 
even established a prima facie case of anticipation. Therefore, the rejection of the claims 
should be reversed. 

1. The Rejection of Claims 1. 3. 6. 11. 13, 15. 16, and 17 under 35 
U.S.C. 5102(e) as being Anticipated bv Schaeck is Improper 

a. The Examiner has failed to show how Schaeck anticipates all of 
the recited features of claims 1 . 3. 6. 1 1 . 1 3. 1 5. 1 6. and 1 7 and 
has thereby failed to establish a prima facie case of 
anticipation. 

i. Claims 1 and 1 1 

Claims 1 and 1 1 include a method for providing a system administrator with a view 
of a totality of applications accessible by a user comprising identifying the totality of 
application accessible by the user by examining authentication credential container of the 
user, generating a view of the totality of applications accessible by the user, and displaying 
the view to the administrator. 

The teaching of Schaeck fails to show at least three of the following presently 
claimed elements: 1) identifying the totality of application accessible by the user by 
examining authentication credential container of the user, 2) generating a view of the 
totality of applications accessible by the user, and 3) displaying the view to the 
administrator. 

With respect to the first element, the Examiner apparently identifies the user profiles 
mentioned by Schaeck with the credential containers taught by the Applicant. In 
paragraph 22, Schaeck states that user roles are determined using the user's identification 
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and credentials and user roles are contained in user profiles. In paragraph 66, lines 12-13, 
Schaeck states user profiles may contain user access rights information. However, 
Schaeck does not state that user profiles are credential containers or directories of user 
names, passwords, or other authentication information. 

Further, it is the Examiner's position that Schaeck teaches generating a view of the 
totality of applications accessible by the user. The Examiner is mistaken. The Examiner 
apparently cites paragraph 43, lines 5-7 in support of the limitation "view list of multiple of 
plurality of accessible services or applications." However, Schaeck's disclosure is directed 
toward providing role-specific views for aggregated services, rather than listing or providing 
a view of the accessible services or applications, as evidenced by the following 
descriptions in the Schaeck document: 

(i) In paragraph 20, Schaeck describes the technique of providing role-based 
views of aggregated services as comprising obtaining "a user role corresponding to a user 
of the aggregated service; and using the obtained role to programmatically select a 
corresponding one of the role-specific portlets for each of the software resources, thereby 
providing the role-specific view of the aggregated service. The technique preferably further 
comprises rendering the selected role-specific view for the user." 

(ii) In paragraph 21, Schaeck states, "[u]sing the obtained role preferably further 
comprises: determining which of the one or more software resources should be invoked to 
position the user's entry point into the aggregated service; and using the obtained role to 
programmatically select a role-specific view of the determined software resource." 

Thus, Schaeck teaches that a role-specific view provides access to one or more 
software resources. Schaeck fails to teach that a role-specific view provides a list or a 
view of accessible services or applications. 

Yet further, the Examiner apparently cites paragraph 44, lines 1-4 in support of the 
limitation user actions accessible by the user. Again, the Examiner's interpretation is 
mistaken. In paragraph 44, Schaeck teaches only that web services have user interaction, 
such as presenting data to a user and processing events in response to user actions. 
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Thus, the system administrator may be a user who may access web service applications, 
but nowhere does Schaeck teach that the administrator has access to a view or list of the 
applications accessible by other users. 

Regarding the second element, Schaeck further fails to teach displaying the view of 
the totality of applications accessible by the user. Foremost, as shown above, Schaeck 
fails to teach generating a view of the totality of applications accessible by the user and 
thus cannot be said to teach displaying the view to the administrator. 

However, even if Schaeck taught generation of a view of the totality of applications 
accessible by the user, Schaeck does not teach that the view is displayed to the 
administrator, as the Examiner believes. Schaeck teaches that a system administrator 
may be provided a role-specific view based on the programmatically-determined role of the 
administrator. [Schaeck, para. 68] For example, Schaeck teaches that the role of 
administrator might be to create a composite shopping service, to add or delete services 
from the composite service, or add a customer feedback sub-service. [Schaeck, para. 43, 
lines 13-17] Schaeck also teaches that the administrator may create or modify the work 
flow definition of an aggregated web service and to describe how selected services will 
interact [Schaeck, para 45, lines 5-10] Schaeck also teaches that the administrator may 
define a new service composed of more fine-grained services. [Schaeck, para. 52, lines 4- 
6] However, Schaeck in no way teaches that the role of the system administrator is to view 
the totality of applications accessible by the users. 

Because the cited Schaeck reference does not teach all of the essential elements of 
claims 1 and 11 of the present invention, the Examiner has not established a prima facie 
case of anticipation of claims 1 and 11. The Appellant urges the Board to overturn the 
rejection of claims 1 and 11 based on this reference. 

ii. Claims 3 and 13 

Claim 3 is dependent upon claim 1, and claim 13 is dependent upon claim 11. As 
discussed above, the cited Schaeck reference does not teach all of the essential elements 
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of claims 1 and 11. Thus, Schaeck also does not teach all of the essential elements of 
claims 3 and 13. 

Further, claims 3 and 13 each include the limitation "removing access to an 
application from the totality of the applications by utilizing the view of the totality of the 
applications accessible by the user." The Examiner claims that Schaeck teaches this 
element in paragraph 43, lines 9-15. However, Schaeck teaches only that "users 240 who 
have the role of administrator might be allowed to create a composite shopping service, 
and to add or delete services from the composite service." The ability for an administrator 
to remove services from the composite service affects all users of the aggregated service, 
not just one particular user. 

By failing to point to anything in Schaeck as corresponding to removing access to 
an application of a user, the Examiner has not established a prima facie case of 
anticipation of these claims. The Appellant urges the Board to overturn the rejection of 
claims 3 and 13 based on this reference. 

iii. Claim 6 

Claim 6 is dependent upon claim 3 which is dependent upon claim 1. As discussed 
above, the cited Schaeck reference does not teach all of the essential elements of claims 1 
and 3. Thus, Schaeck also does not teach all of the essential elements of claim 16, and 
the Examiner has not established a prima facie case of anticipation of claim 1. The 
Appellant urges the Board to overturn the rejection of claim 6 based on this reference. 

iv. Claim 15 

Claim 15 includes a method for providing a system administrator with a view of a 
totality of applications accessible by a user comprising means for identifying the totality of 
application accessible by the user by examining authentication credential container of the 
user, means for generating a view of the totality of applications accessible by the user and 
means for displaying the view to the administrator. 



59995-8002.US01/LEGAL1 3665643. 1 



-19- 



Application No.: 10/617,607 



Docket No.: 59995.8002. US01 



As discussed above, the teaching of Schaeck fails to show at least three of the 
following presently claimed elements: 1) means for identifying the totality of applications 
accessible by the user by examining authentication credential container of the user, 2) 
means for generating a view of the totality of applications accessible by the user, and 3) 
means for displaying the view to the administrator. 

Because the cited Schaeck reference does not teach all of the essential elements of 
claim 15 of the present invention, the Examiner has not established a prima facie case of 
anticipation of claim 1 5. The Appellant urges the Board to overturn the rejection of claim 
15 based on this reference. 

v. Claim 16 

Claim 16 includes identifying the totality of applications accessible by the user by 
examining an authentication credential container of the user, generating a list of the totality 
of applications accessible by the user, and displaying the list to the administrator. 

The Examiner claims that there is no disclosure in the specification to display a 
totality of applications accessible and that this is new matter. However, in one 
embodiment of the present invention, the Access Agent uploads credentials of all 
applications that the user uses from the user's SOCI to the IMS to ensure that the IMS 
includes the latest user authentication data. Then the identifier module of the IMS 
identifies applications that user accesses and the view generator module of the IMS 
organizes the uploaded information and presents information about each application to an 
administrator of user's system upon request. [Specification 19:16-21] Thus, the display of 
a totality of applications accessible by the user is not new matter. 

As discussed above, the teaching of Schaeck fails to show at least three of the 
following presently claimed elements: 1) identifying the totality of applications accessible 
by the user by examining an authentication credential container of the user, 2) generating 
a list of the totality of applications accessible by the user, and 3) displaying the list to the 
administrator. Because the cited Schaeck reference does not teach all of the essential 
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elements of the present invention, Appellant urges the Board to overturn the rejection of 
independent claims 16 based on this reference 

vi. Claim 17 

Claim 17 includes identifying the totality of applications accessible by the user and 
any user names and passwords used in connection with the totality of applications by 
examining an authentication credential container of the user, generating a list of the totality 
of applications accessible by the user together with any user names and passwords used 
in connection with the totality of applications, and displaying the list to the administrator. 

The Examiner claims that there is no disclosure in the specification to display a 
totality of applications accessible and that this is new matter. However, in one 
embodiment of the present invention, the Access Agent uploads credentials of all 
applications that the user uses from the user's SOCI to the IMS to ensure that the IMS 
includes the latest user authentication data. Then the identifier module of the IMS 
identifies applications that user accesses and the view generator module of the IMS 
organizes the uploaded information and presents information about each application to an 
administrator of user's system upon request. [Specification 19:16-21] Thus, the display of 
a totality of applications accessible by the user is not new matter. 

As discussed above, the teaching of Schaeck fails to show at least three of the 
following presently claimed elements: 1) identifying the totality of applications accessible 
by the user and any user names and passwords used in connection with the totality of 
applications by examining an authentication credential container of the user, 2) generating 
a list of the totality of applications accessible by the user, and 3) displaying the list to the 
administrator. 

Further, Schaeck fails to teach that together with generating a list of the totality of 
applications accessible by the user, user names and passwords used in connection with 
the totality of applications is also generated. The Examiner fails to point to anything in 
Schaeck as corresponding to this feature. 
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Because the cited Schaeck reference does not teach all of the essential elements of 
the present invention, Appellant urges the Board to overturn the rejection of independent 
claims 17 based on this reference 

C. Legal Standards for Obviousness 

Claims 2, 4, 5, 7-10, 12, 14, and 18-20 on appeal stand rejected as obvious under 
35 U.S.C. § 103(a). 35 U.S.C. § 103(a) provides: 

(a) A patent may not be obtained though the invention is not 
identically disclosed or described as set forth in section 102 of 
this title, if the differences between the subject matter sought to 
be patented and the prior art are such that the subject matter 
as a whole would have been obvious at the time the invention 
was made to a person having ordinary skill in the art to which 
said subject matter pertains. Patentability shall not be 
negatived by the manner in which the invention was made. 

To properly reject claims as obvious, "the examiner bears the initial burden of presenting a 
prima facie case of obviousness." In re Rijckaert, 9 F.3d 1531, 1532, 28 U.S.P.Q.2d 
(BNA) 1955, 1956 (Fed. Cir. 1993). To present a prima facie case of obviousness, the 
Examiner must show that "there was an apparent reason to combine the known elements 
in the fashion claimed by the patent at issue." KSR Int'l Co. v. Teleflex Inc., 127 S.Ct. 
1727, 1741 (2007). Relevant considerations may include "interrelated teachings of 
multiple patents; the effects of demands known to the design community or present in the 
marketplace; and the background knowledge possessed by a person having ordinary skill 
in the art." Id. The Examiner's analysis "should be made explicit." Id. "[Rejections on 
obviousness grounds cannot be sustained by mere conclusory statements; instead, there 
must be some articulated reasoning with some rational underpinning to support the legal 
standard of obviousness." Id. (citing In re Kahn, 441 F.3d 977, 988 (Fed. Cir. 2006)). 

Under these standards, Appellant's invention would not have been obvious. The 
Examiner has not identified references that disclose or suggest all the elements of the 
pending claims. Furthermore, the Examiner has not identified an apparent reason to 
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combine the references in the manner recited in each of Appellant's claims. Therefore, the 
rejection of the claims should be reversed. 

1. The Rejection of Claims 2. 4. 5. 7-10. 12. 14. and 18-20 under 35 
U.S.C. $1 03(a) over Schaeck in view of Delanv is Improper 

a. The Examiner has failed to show how the combination of 
Schaeck and Delanv teaches or suggests all of the recited 
features of claims 2. 4. 5. 7-10. 12. 14. and 18-20 and has 
thereby failed to establish a prima facie case of obviousness 

i. Claims 2 and 12 

As discussed above with respect to independent claims 1 and 11 which claims 2 
and 12 are dependent upon, respectively, the cited Schaeck reference does not teach 
identifying the totality of applications accessible by the user by examining authentication 
credential container of the user, generating a view of the totality of applications accessible 
by the user, or displaying the view to the administrator. The cited Delany reference also 
does not teach identifying the totality of applications accessible by the user by examining 
authentication credential container of the user, generating a view of the totality of 
applications accessible by the user, or displaying the view to the administrator. Thus, 
neither Schaeck nor Delany nor any combination thereof teaches identifying the totality of 
applications accessible by the user by examining authentication credential container of the 
user, generating a view of the totality of applications accessible by the user, or displaying 
the view to the administrator. The Examiner has not presented a prima facie case of 
obviousness, and claims 2 and 12 should be allowed. 

ii. Claims 4 and 14 

As discussed above with respect to independent claims 1 and 1 1 which claims 4 
and 14 are dependent upon, respectively, the cited Schaeck reference does not teach 
identifying the totality of applications accessible by the user by examining authentication 
credential container of the user, generating a view of the totality of applications accessible 
by the user or displaying the view to the administrator. 
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Further, claims 4 and 14 include the limitation "creating a user account for a new 
application to be accessible by the user utilizing the generated view." As shown above, 
Schaeck fails to teach generating a view of the totality of applications accessible by the 
user and thus cannot be said to create a user account for a new application to be 
accessible by the user utilizing the generated view. Moreover, the Examiner did not point 
to anything in Delany as corresponding to utilizing the generated view. Thus, neither 
Schaeck nor Delany nor any combination thereof teaches creating a user account for a 
new application to be accessible by the user utilizing the generated view. The Examiner 
has not presented a prima facie case of obviousness. Thus, claims 4 and 14 should be 
allowed. 



As discussed above with respect to independent claims 1 and 4, which claims 5 and 
7-9 are dependent upon, the cited Schaeck reference does not teach identifying the totality 
of applications accessible by the user by examining authentication credential container of 
the user, generating a view of the totality of applications accessible by the user or 
displaying the view to the administrator, or creating a user account for a new application to 
be accessible by the user utilizing the generated view. The cited Delany reference also 
does not teach these elements. Thus, neither Schaeck nor Delany nor any combination 
thereof teaches identifying the totality of applications accessible by the user by examining 
authentication credential container of the user, generating a view of the totality of 
applications accessible by the user, displaying the view to the administrator, or creating a 
user account for a new application to be accessible by the user utilizing the generated 
view. The Examiner has not presented a prima facie case of obviousness. Thus, claims 5 
and 7-9 should be allowed. 



As discussed above with respect to independent claim 1 which claim 10 is 
dependent upon, the cited Schaeck reference does not teach identifying the totality of 
applications accessible by the user by examining authentication credential container of the 



iii. 



Claims 5 and 7-9 



IV. 



Claim 10 
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user, generating a view of the totality of applications accessible by the user or displaying 
the view to the administrator. The cited Delany reference also does not teach these 
elements. Thus, neither Schaeck nor Delany nor any combination thereof teaches 
generating a view of the totality of applications accessible by the user or displaying the 
view to the administrator. The Examiner has not presented a prima facie case of 
obviousness. Thus, claim 10 should be allowed. 

v. Claim 18 

The Examiner claims that there is no disclosure in the specification for the following 
elements in the directory: 1 ) a list of keys employed by the user also detailing the type and 
serial number of each key, 2) a list of all certificate-enabled applications accessible by the 
user also specifying a user name of the user and a last login attempt of the user, 3) a list of 
all enterprise applications accessible by the user also specifying a user name of the user 
and a last login attempt of the user, and 4) a list of all personal application accessible by 
the user also specifying a number of accounts connected to each personal application. 
However, all of these elements are shown in FIG. 7 which illustrates a consolidated 
directory view as presented to the administrator. [Specification, FIG. 7 and para. 56, lines 
11-13] Thus, the listed elements of the directory are not new matter. The Examiner fails to 
point to anything in Schaeck or Delany as corresponding to these features. 

Further, as discussed above, the teaching of Schaeck fails to show at least three of 
the following presently claimed elements: 1) identifying the totality of applications 
accessible by the user by examining authentication credential container of the user, 2) 
generating a directory of the totality of applications accessible by the user, and 3) 
displaying the directory to the administrator. Because neither Schaeck nor Delany nor any 
combination thereof teaches all of the essential elements of the present invention, 
Appellant urges the Board to overturn the rejection of independent claims 18 based on this 
reference. 

vi. Claim 19 
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Claim 19 is dependent upon claim 18. As discussed above, the cited Schaeck 
reference does not teach all of the essential elements of claims 18. Thus, Schaeck also 
does not teach all of the essential elements of claim 19. 

Further, as shown above, Schaeck fails to teach generating a directory of the totality 
of applications accessible by the user and thus cannot be said to teach displaying the 
directory to the administrator wherein the directory includes a specification of a password 
for each certificate-enabled application, each enterprise application, and each personal 
application. 

However, even if Schaeck taught generation of a directory of the totality of 
applications accessible by the user, Schaeck does not teach that the directory is displayed 
to the administrator wherein the directory includes a specification of a password for each 
certificate-enabled application, each enterprise application, and each personal application, 
as the Examiner believes. Schaeck teaches that user passwords are provided to the sub- 
services of an aggregated service and are encrypted for storing securely. However, 
Schaeck in no way teaches that the role-specific view of the system administrator includes 
a listing of passwords of other users of the system. 

Because neither Schaeck nor Delany nor any combination thereof teaches all of the 
essential elements of the present invention, Appellant urges the Board to overturn the 
rejection of independent claims 19 based on this reference. 

vii. Claim 20 

Claim 20 is dependent upon claim 18. As discussed above, the cited Schaeck 
reference does not teach all of the essential elements of claims 18. Thus, Schaeck also 
does not teach all of the essential elements of claim 20. 

Because neither Schaeck nor Delany nor any combination thereof teaches all of the 
essential elements of the present invention, Appellant urges the Board to overturn the 
rejection of independent claims 20 based on this reference. 
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b. The Examiner has failed to show that there is a rational 

apparent reason to combine Schaeck and Delany and has 
thereby failed to establish a prima facie case of obviousness 

The Examiner has not articulated a rational apparent reason to combine Schaeck 
and Delany to arrive at any of Appellant's claims. In determining whether there is an 
apparent reason to combine cited references, the Examiner's analysis must be explicit and 
"cannot be sustained by mere conclusory statements." KSR Int'l Co. v. Teleflex Inc., 127 
S.Ct. 1727, 1741 (2007) (citing In re Kahn, 441 F.3d 977, 988 (Fed. Cir. 2006)). The 
Examiner must articulate "reasoning with some rational underpinning to support the legal 
standard of obviousness." Id. The Examiner characterized Delany's discussion at 
paragraph 14 as an apparent reason to combine Schaeck with Delany. In particular, the 
Examiner states that one skilled in the art would have reason to combine Schaeck with 
Delany "in order to, within a consolidated view or a single source, enable the addition and 
removal of directory entry attributes for an existing user or group." (Final Office Action, 
April 6, 2007, p. 10) However, this is simply a recitation of one of the purposes behind 
Delany's invention, which is directed to a system that allows for the removal and addition of 
attributes to an existing group or other type of entry. This is not a reasoned analysis of 
why one skilled in the art would have reason to combine the cited references, or even to 
alter Delany in any respect. The Examiner has not satisfied the burden of articulating a 
rational apparent reason to combine the cited art to arrive at any of Appellant's claims. 
Accordingly, the pending claims were improperly rejected under 35 U.S.C. § 103(a). 
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In view of the foregoing remarks, Appellant submits that all of the pending claims 
are in condition for allowance and patentably define over the prior art, and urge the Board 
to overturn the Examiner's rejections. 



Dated: October 23. 2007 Respectfully submitted, 



By fu\a^ £^fLL 
Lisa Vv*. Liou 

Registration No.: 54,275 
PERKINS COIE LLP 
101 Jefferson Drive 
Menlo Park, California 94025 
(650) 838-4300 
(650) 838-4350 (Fax) 
Attorneys for Applicant 
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CLAIMS APPENDIX 
Claims Involved in the Appeal of Application Serial No. 10/617,607. 

1. A method for providing a system administrator with a view of a totality of 
applications accessible by a user, comprising: 

identifying the totality of applications accessible by the user by examining 
authentication credential container of the user; 

generating a view of the totality of applications accessible by the user; and 
displaying the view to the administrator. 

2. The method of claim 1 wherein the view is a consolidated directory of the totality 
of the applications. 

3. The method of claim 1 further comprising removing access to an application 
from the totality of the applications by utilizing the view of the totality of the 
applications accessible by the user. 

4. The method of claim 1 further comprising: 

creating a user account for a new application to be accessible by the user 
utilizing the generated view; and 

injecting authentication information of the user account into the authentication 
credential container of the user. 

5. The method of claim 4 wherein the authentication credential container is stored 
at a server. 

6. The method of claim 3 wherein the removing is performed automatically. 
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7. The method of claim 4 wherein the creating the user account is performed 
automatically. 

8. The method of claim 4 wherein the creating the user account is performed 
manually by an administrator. 

9. The method of claim 4 wherein the authentication information is injected into a 
hardware device of the user. 

10. The method of claim 1 further comprising removing individual user directories for 
each application of the totality of the applications accessible by the user. 

11. An apparatus for providing a system administrator with a view of a totality of 
applications accessible by a user, comprising: 

an identifier module to identify the totality of applications accessible by the user 
by examining authentication credential container of the user; 

a view generator to generate a view of the totality of applications accessible by 
the user; and 

a view displayer to display the view of the totality of applications accessible by 
the user to the administrator. 

12. The apparatus of claim 11 wherein the view is a consolidated directory of the 
totality of the applications. 

13. The apparatus of claim 11 further comprising an interface to assist in removing 
access to an application from the totality of the applications by utilizing the view 
of the totality of the applications accessible by the user. 
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14. The apparatus of claim 11 further comprising an interface to assist in creating a 
user account for a new application to be accessible by the user utilizing the 
generated view and injecting authentication information of the user account into 
the authentication credential container of the user. 

15. An apparatus for providing a system administrator with a view of a totality of 
applications accessible by a user, comprising: 

means for identifying the totality of applications accessible by the user by 
examining authentication credential container of the user; 

means for generating a view of the totality of applications accessible by the user; 
and 

means for displaying the view of the totality of applications accessible by the 
user to the administrator. 

16. A method for providing a system administrator with a list of a totality of 
applications accessible by a user, comprising: 

identifying the totality of applications accessible by the user by examining an 
authentication credential container of the user; 

generating a list of the totality of applications accessible by the user; and 
displaying the list to the administrator. 

17. A method for providing a system administrator with a list of a totality of 
applications accessible by a user together with any user names and passwords 
used in connection with those applications, comprising: 

identifying the totality of applications accessible by the user and any user names 
and passwords used in connection with the totality of applications by examining 
an authentication credential container of the user; 
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generating a list of the totality of applications accessible by the user together 
with any user names and passwords used in connection with the totality of 
applications; and 

displaying the list to the administrator. 

18. A method for providing a system administrator with a consolidated directory of a 
totality of applications accessible by a user, the method comprising: 

identifying the totality of applications accessible by the user by examining 
authentication credential container of the user; 

generating a directory of the totality of applications accessible by the user; and 
displaying the directory to the administrator; 
the directory comprising: 
a name of the user; 

a list of keys employed by the user also detailing the type and serial number of 
each key; 

a profile of the user detailing a role of the user, a name of the user, an email 
address of the user, a department of the user, an employee ID of the user, and 
any additional attributes of the user that have been specified; 

a means of updating and resetting the profile; 

a list of all certificate-enabled applications accessible by the user also specifying 
a user name of the user and a last login attempt of the user; 

a means of deleting the user name of the user; 

a list of all enterprise applications accessible by the user also specifying a user 
name of the user and a last login attempt of the user; and 

a list of all personal application accessible by the user also specifying a number 
of accounts connected to each personal application; 
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1 9. The consolidated directory of claim 1 8, further comprising: 

a specification of a password for each certificate-enabled application, each 
enterprise application, and each personal application. 

20. The consolidated directory of claim 18, further comprising: 

means for a system administrator to add one or more applications to the lists of 
the certificate-enabled applications, the enterprise applications, or the personal 
applications of the user; and 

means for a system administrator to delete one or more applications from the 
lists of the certificate-enabled applications, the enterprise applications, or the 
personal applications. 
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EVIDENCE APPENDIX 

No evidence pursuant to §§ 1.130, 1.131, or 1.132 or entered by or relied upon by 
the Examiner is being submitted. 
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RELATED PROCEEDINGS APPENDIX 

There are no other appeals, interferences, or judicial proceedings which will have a 
bearing on the Board's decision in this appeal. 
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